Training - March 25 & 26

This two-day course will take a deep-dive into the fundamentals of SCADA security and provide students with the knowledge that they need to safely perform penetration testing against live SCADA environments. The course will also provide students with methodologies through which security research may be performed against SCADA devices in order to identify 0day flaws in some of the world’s most critical systems. During the course, students will have the opportunity to engage in live attacks against programmable logic controllers (PLC’s) and other industrial control systems, to include activities such as SCADA RTOS firmware reversing and SCADA protocol fuzzing.

Fuzzing For Vulnerabilities is unlike other fuzzing courses because it isn’t based on a specific fuzzing framework. Instead students learn how to develop their own fuzzers based on proven techniques. This course covers both generative and mutative fuzzing using dumb fuzzing, context-free grammar based fuzzing, and block based fuzzing.

This course teaches hardware hacking and reverse engineering techniques and skills commonly used against hardware products. It is a combination of lecture and hands-on exercises covering the hardware hacking process, proper use of tools and test measurement equipment, circuit board analysis and modification, embedded security, and common hardware attack vectors.

This intensive two-day course is designed to teach the fundamental investigative techniques needed to respond to today’s landscape of threat actors and intrusion scenarios. Completely redeveloped with all-new material in 2013, the class is built upon a series of hands-on labs that highlight the phases of a targeted attack, key sources of evidence, and the forensic analysis know-how required to analyze them.

This course introduces you to steganography, related concepts and basic least significant bit hiding/detection techniques. Then it showcases more advanced steganographic and steganalytic techniques such as high-capacity jpeg hiding, F5, and statistical hiding in audio and video along with corresponding detection techniques and malware applications. Scattered throughout are hands-on exercises with custom steganographic and steganalytic programs (including source code) that illustrate the various techniques and effectiveness of detection.

Tactical Exploitation teaches students a deeper level of new tools and lesser-known techniques. Along with the extended format, students will become immersed in a unique offensive school of thought. This class is designed to help students achieve success in any environment. Students learn how to compromise systems without depending on standard exploits and how to keep from getting caught.